On 2015-07-26 07:53:45 -0500, John Hasler wrote: > Vincent Lefevre writes: > > Unfortunately none of them is secure, I mean: some attacker won't tend > > to make the date on your machine incorrect because of lack of > > authentication. > > http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm > > See section 6.6.2, Authentication
No, this is completely ridiculous: "The keys residing in /etc/ntp.keys typically are unencrypted and thus should be hidden from public." I don't see how this can work with public NTP servers! > Even without it, though, sucessfully spoofing all four of the servers > you use would be challenging. I don't see why this would be difficult for someone who controls the local network (e.g. the wifi hotspot). -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150726130733.ga21...@zira.vinc17.org
